Tacobell2000

DNS errors show up in the event log: nx domain


Hello,

On one domain controller running Windows 2003 SP2, the event log is full of DNS errors, Event ID: 7050. I enabled DNS logging on the server and found this:

20080722 07:05:27 B8C PACKET  UDP Rcv 72.29.224.33    3b60 R Q [8081   DR  NOERROR] (6)bounce(4)geni(3)com(0)

20080722 07:05:27 B8C PACKET  UDP Snd 10.1.0.0     6222 R Q [8081   DR  NOERROR] (6)bounce(4)geni(3)com(0)

20080722 07:05:27 F6C PACKET  UDP Rcv  10.1.0.0    a384   Q [0001   D   NOERROR] (6)bounce(4)geni(3)com(0)

20080722 07:05:27 F6C PACKET  UDP Snd 72.29.224.33    136d   Q [0001   D   NOERROR] (6)bounce(
20080722 07:05:27 2E4 PACKET  UDP Snd 72.29.224.49    2b5a   Q [0001   D   NOERROR] (14)tastyhottreats(3)com(0)

20080722 07:05:27 F6C PACKET  UDP Rcv 72.29.224.49    2b5a R Q [8083  TDR  NOERROR] (14)tastyhottreats(3)com(0)

20080722 07:05:27 B8C PACKET  UDP Rcv 72.29.224.33    136d R Q [8081   DR  NOERROR] (6)bounce(4)geni(3)com(0)

20080722 07:05:27 B8C PACKET  UDP Snd  10.1.0.0      a384 R Q [8081   DR  NOERROR] (6)bounce(4)geni(3)com(0)

20080722 07:05:27 B8C PACKET  UDP Rcv  10.1.0.0      21dd   Q [0001   D   NOERROR] (2)23(2)87(2)78(3)208(2)bl(7)spamcop(3)net(0)

20080722 07:05:27 B8C PACKET  UDP Snd 72.29.224.33    0b74   Q [0001   D   NOERROR] (2)23(2)87(2)78(3)208(2)bl(7)spamcop(3)net(0)

20080722 07:05:27 2BC PACKET  TCP Snd 72.29.224.49    2b5a   Q [0001   D   NOERROR] (14)tastyhottreats(3)com(0)

20080722 07:05:27 2BC EVENT   The DNS server recv() function failed.
The event data contains the error.
20080722 07:05:27 B8C PACKET  UDP Rcv 72.29.224.33    0b74 R Q [8381   DR NXDOMAIN] (2)23(2)87(2)78(3)208(2)bl(7)spamcop(3)net(0)

20080722 07:05:27 B8C PACKET  UDP Snd  10.1.0.0      21dd R Q [8381   DR NXDOMAIN] (2)23(2)87(2)78(3)208(2)bl(7)spamcop(3)net(0)

20080722 07:05:27 B8C PACKET  UDP Rcv  10.1.0.0      21dd   Q [0001   D   NOERROR] (2)23(2)87(2)78(3)208(7)sbl-xbl(8)spamhaus(3)org(0)

20080722 07:05:27 B8C PACKET  UDP Snd 72.29.224.33    1b78   Q [0001   D   NOERROR] (2)23(2)87(2)78(3)208(7)sbl-xbl(8)spamhaus(3)org(0)

The error in the event log shows that it happened at 07:05:27.
I have no idea how to interpret the above.

Please help,

Tacobell2000
DNS

8/22/2022 - Mon
dalesit

This looks to me like you have some sort of anti-spam DNS blackhole querying going on.

When an inbound email arrives, the sender and/or URLs listed in the email are checked against realtime blacklists. In this case it looks like bl.spamcop.net and sbl-xbl.spamhaus.org.

Cheers,

Joel
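
Added example, not part of the thread: a small Python parser for the debug-log lines quoted in the question. It decodes the length-prefixed names, recognises reversed-IPv4 blacklist lookups, and tallies the answers the upstream server returned. The field layout in the regular expression is inferred from those quoted lines and the function names are hypothetical; a DNS blacklist normally answers NXDOMAIN when the checked address is not listed.

```python
import re
from collections import Counter

# Field layout inferred from the lines quoted in the question (assumption).
LINE = re.compile(
    r"^\d{8} [\d:]{8} [0-9A-F]+ PACKET\s+(?P<proto>UDP|TCP) (?P<dir>Rcv|Snd)\s+"
    r"(?P<peer>[\d.]+)\s+(?P<xid>[0-9a-f]{4}) (?P<resp>[R ]) \S "
    r"\[[0-9a-f]{4}\s+[A-Z]*\s+(?P<rcode>[A-Z]+)\]\s+(?P<qname>\(.*)$")

# Lines copied from the question's log, including the cut-off one.
SAMPLE = """\
20080722 07:05:27 B8C PACKET  UDP Rcv  10.1.0.0      21dd   Q [0001   D   NOERROR] (2)23(2)87(2)78(3)208(2)bl(7)spamcop(3)net(0)
20080722 07:05:27 B8C PACKET  UDP Rcv 72.29.224.33    0b74 R Q [8381   DR NXDOMAIN] (2)23(2)87(2)78(3)208(2)bl(7)spamcop(3)net(0)
20080722 07:05:27 F6C PACKET  UDP Snd 72.29.224.33    136d   Q [0001   D   NOERROR] (6)bounce(
20080722 07:05:27 2BC EVENT   The DNS server recv() function failed.
"""

def decode_name(raw):
    """Turn '(2)bl(7)spamcop(3)net(0)' into 'bl.spamcop.net'; None if cut off."""
    labels = re.findall(r"\((\d+)\)([^()]*)", raw)
    if not labels or labels[-1] != ("0", ""):
        return None                      # truncated or malformed name
    if any(int(n) != len(s) for n, s in labels):
        return None                      # length prefix does not match label
    return ".".join(s for _, s in labels[:-1])

def dnsbl_lookup(name):
    """Return (checked_ip, zone) if name is <reversed IPv4>.<zone>, else None."""
    parts = name.split(".")
    head, zone = parts[:4], parts[4:]
    if len(zone) >= 2 and all(p.isdigit() and int(p) <= 255 for p in head):
        return ".".join(reversed(head)), ".".join(zone)
    return None

def summarize(log_text):
    """Count (ip, zone, rcode) for received DNSBL answers; keep unparsed lines."""
    answers, skipped = Counter(), []
    for line in log_text.splitlines():
        m = LINE.match(line)
        name = decode_name(m["qname"]) if m else None
        if name is None:
            if line.strip():
                skipped.append(line)     # EVENT lines and truncated packets
            continue
        hit = dnsbl_lookup(name)
        if hit and m["resp"] == "R" and m["dir"] == "Rcv":
            answers[(hit[0], hit[1], m["rcode"])] += 1
    return answers, skipped
```

Running `summarize` over the full debug log groups the NXDOMAIN answers by blacklist zone and leaves the EVENT lines in `skipped`, which makes it easier to see whether the recv() failure lines up with a blacklist lookup or with some other query.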
Tacobell2000

ASKER
Yes... but do you think this is generating the DNS errors?

Tacobell2000
ASKER CERTIFIED SOLUTION
dalesit

Tacobell2000

ASKER
Thanks.